package com.abc.tacos.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

/**
 * @author Kar
 * @create 2022-04-20 上午10:42
 */
// @Configuration
// @EnableWebSecurity
public class SecurityConfig_InMemory extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests() //允许基于HttpServletRequest使用限制访问
                .antMatchers("/", "/home")
                    .permitAll() //不需要身份认证
                .antMatchers("/Asuka")
                    //.authenticated() // 其他路径必须验证身份
                    .access("hasRole('USER')") // 验证角色信息
                .and()
                    .formLogin() // 使用表单登陆
                        // .loginPage("/login") // 自定义登陆页面
                        .permitAll()
                .and()
                    .logout()   // 拦截"/logout"请求, 清除session数据
                        .logoutSuccessUrl("/");
    }

    // 1） 基于内存的用户存储
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
       auth.inMemoryAuthentication()
               .withUser("Kar")
                   .password("{noop}123456")
                   .authorities("ROLE_USER")
               .and()
               .withUser("Eylin")
                   .password("{noop}654321")
                   .roles("USER");
    }
}
